Custom Python stateless active response script example?


Jamie Navarro

May 9, 2023, 3:00:00 PM
to Wazuh mailing list
Hello,

I see that you guys have an example stateful active response Python script:

But do you guys have a stateless active response Python script example anywhere?

Thanks!

Lucio Donda

May 9, 2023, 3:23:27 PM
to Wazuh mailing list
Hi Jamie,
Actually, a stateless active response script should be simpler, so you could remove the delete command in that one and it should work.
I haven't found any example on our docs but this community (sorry it's kinda old) was trying to use something like that.
Are you trying to use it and for some reason it is not working? Were you able to check the bash scripts on our repo for guidance?

Jamie Navarro

May 16, 2023, 11:34:32 AM
to Wazuh mailing list
Hi Lucio,

I'm sorry I'm only replying just now - I didn't realize anyone replied (Google never sent me an email about a reply). Thank you for getting back to me! No, I don't have any problem with the stateful script - it's just that I don't need that 2nd action (Delete) to happen - I basically just need to search the contents of a file and do something depending on if it finds a match or not - it can all happen at the same time - nothing needs to happen 60 seconds later. So I wanted to simplify the script as much as I can.
I'll check those links out to see if it helps!

Thank you,
Jamie
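
A sketch of the stateless script discussed in this thread, added here as an example; it is not code from the Wazuh project or from either poster. It assumes the agent passes one JSON message on stdin with `command` and `parameters.alert` fields and that responses are logged to `/var/ossec/logs/active-responses.log`; the watched file, the pattern, and the function names are hypothetical.

```python
#!/usr/bin/env python3
"""Stateless active response sketch: one action per alert, no delete/timeout phase."""
import json
import re
import sys
from datetime import datetime

# Assumed values for illustration; adjust to your deployment.
LOG_FILE = "/var/ossec/logs/active-responses.log"
WATCHED_FILE = "/etc/example/watched.conf"   # hypothetical file to search
PATTERN = r"^\s*PermitRootLogin\s+yes\b"     # hypothetical pattern


def log(message, log_file=LOG_FILE):
    """Append a timestamped line to the active response log."""
    with open(log_file, "a") as fh:
        fh.write(f"{datetime.now():%Y/%m/%d %H:%M:%S} {sys.argv[0]}: {message}\n")


def file_matches(path, pattern):
    """Return True if any line of the file matches the regex."""
    regex = re.compile(pattern)
    with open(path, errors="replace") as fh:
        return any(regex.search(line) for line in fh)


def handle(raw, path=WATCHED_FILE, pattern=PATTERN):
    """Process one message; return 'match', 'no_match', 'ignored' or 'invalid'."""
    try:
        msg = json.loads(raw)
        command = msg["command"]
        msg["parameters"]["alert"]   # the triggering alert must be present
    except (ValueError, KeyError, TypeError):
        return "invalid"
    if command != "add":             # stateless: nothing to undo on "delete"
        return "ignored"
    try:
        return "match" if file_matches(path, pattern) else "no_match"
    except OSError:                  # file missing or unreadable
        return "invalid"


if __name__ == "__main__":
    result = handle(sys.stdin.readline())
    log(f"stateless response result: {result}")
    # Branch on result here ("match" / "no_match") to perform the one-shot action.
    sys.exit(0 if result != "invalid" else 1)
```

Malformed input and an unreadable file both return `invalid` and a non-zero exit code, so a broken message never triggers the action.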